CDO/Net4j Authentication

In most enterprise application a user has to authenticate against the webserver, CDO application are not different in this aspect. So naturally CDO and Net4j provide a possibility to authenticate. The source code shown in this section is part of a big example project exploiting RCP + EMF + Databinding features.

The value is the path to the user/password-File the authentication is done against. In this simple case the file is a Property-File and looks like this:

tom=myverysecretpassword

CDO 3.0

Note that in CDO 3.0 we have an additional authentication mechanism per CDOSession (not on Net4j IConnector level). Using the IConnector based authentication is not the recommended way anymore.

The new CDOSession based approach involves setting an IUserManager into the ISessionManager of the IRepository before the repository is activated. On the client side you need to set an ICredentialsProvider into the CDOAuthenticator of the CDOSessionConfiguration before the session is opened. Both the IUserManager and the ICredentialsProvider can be the same implementations that you used with the Net4j based approach before.

CDO 3.0 does not yet have permission based security / Access Control List. But you might be able to implement your own using custom IRepository.ReadAccessHandler and IRepository.WriteAccessHandler.

The authentication negotiation has to be configured before the connection to the server is establish which happens here in the TCPUtil.getConnector()-method. So we somehow have to configure the system in between the call.

The only thing we need to do is to register a PostProcessor for the IPluginContainer.INSTANCE. This has to done only once for a IManagedContainer so the best part is a static block in the CDOSessionProvider.